packages feed

HsOpenSSL 0.11.6.2 → 0.11.7

raw patch · 4 files changed

+41/−6 lines, 4 filesPVP ok

version bump matches the API change (PVP)

API changes (from Hackage documentation)

+ OpenSSL.Session: contextSetDefaultVerifyPaths :: SSLContext -> IO ()

Files

ChangeLog view
@@ -1,3 +1,12 @@+2021-04-19  Vladimir Shabanov  <dev@vshabanov.com>++	* HsOpenSSL.cabal (Version): Bump version to 0.11.7++	* Added Session.contextSetDefaultVerifyPaths+	by Alexander Biehl @alexbiehl (#59)++	* Fix for LibreSSL (#58)+ 2021-04-05  Vladimir Shabanov  <dev@vshabanov.com>  	* HsOpenSSL.cabal (Version): Bump version to 0.11.6.1
HsOpenSSL.cabal view
@@ -10,7 +10,7 @@     systems and stable. You may also be interested in the @tls@ package,     <http://hackage.haskell.org/package/tls>, which is a pure Haskell     implementation of SSL.-Version:       0.11.6.2+Version:       0.11.7 License:       PublicDomain License-File:  COPYING Author:        Adam Langley, Mikhail Vorozhtsov, PHO, Taru Karttunen
OpenSSL/Cipher.hsc view
@@ -1,3 +1,6 @@+#include "HsOpenSSL.h"+#include "openssl/aes.h"+ {-# LANGUAGE EmptyDataDecls           #-} {-# LANGUAGE ForeignFunctionInterface #-} -- | This module interfaces to some of the OpenSSL ciphers without using@@ -21,8 +24,7 @@ #endif     )     where-#include "HsOpenSSL.h"-#include "openssl/aes.h"+ import           Control.Monad (when, unless) import           Data.IORef import           Foreign
OpenSSL/Session.hsc view
@@ -26,6 +26,7 @@   , contextCheckPrivateKey   , VerificationMode(..)   , contextSetVerificationMode+  , contextSetDefaultVerifyPaths   , contextSetCAFile   , contextSetCADirectory   , contextGetCAStore@@ -78,7 +79,7 @@    ) where -#include "openssl/ssl.h"+#include "HsOpenSSL.h"  import Prelude hiding ( #if !MIN_VERSION_base(4,6,0)@@ -308,6 +309,27 @@     _ssl_set_verify_mode ctx mode $ fromMaybe nullFunPtr newCb     return () +foreign import ccall unsafe "SSL_CTX_set_default_verify_paths"+  _ssl_set_default_verify_paths :: Ptr SSLContext_ -> IO CInt++-- | Specifies that the default locations from which CA certificates are loaded+-- should be used. There is one default directory and one default file.+--+-- The default CA certificates directory is called "certs" in the default OpenSSL+-- directory. Alternatively the SSL_CERT_DIR environment variable can be defined+-- to override this location.+--+-- The default CA certificates file is called "cert.pem" in the default OpenSSL+-- directory. Alternatively the SSL_CERT_FILE environment+-- variable can be defined to override this location.+--+-- See <https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_default_verify_paths.html> for+-- more information.+contextSetDefaultVerifyPaths :: SSLContext -> IO ()+contextSetDefaultVerifyPaths context =+  withContext context $ \ctx ->+    _ssl_set_default_verify_paths ctx >>= failIf_ (/= 1)+ foreign import ccall unsafe "SSL_CTX_load_verify_locations"   _ssl_load_verify_locations :: Ptr SSLContext_ -> Ptr CChar -> Ptr CChar -> IO CInt @@ -501,11 +523,13 @@   (#const SSL_ERROR_WANT_CONNECT) -> "SSL_ERROR_WANT_CONNECT"   (#const SSL_ERROR_WANT_ACCEPT) -> "SSL_ERROR_WANT_ACCEPT"   (#const SSL_ERROR_WANT_X509_LOOKUP) -> "SSL_ERROR_WANT_X509_LOOKUP"-#if OPENSSL_VERSION_NUMBER >= 0x10100000L+#if defined(SSL_ERROR_WANT_ASYNC)   (#const SSL_ERROR_WANT_ASYNC) -> "SSL_ERROR_WANT_ASYNC"+#endif+#if defined(SSL_ERROR_WANT_ASYNC_JOB)   (#const SSL_ERROR_WANT_ASYNC_JOB) -> "SSL_ERROR_WANT_ASYNC_JOB" #endif-#if OPENSSL_VERSION_NUMBER >= 0x10101000L+#if defined(SSL_ERROR_WANT_CLIENT_HELLO_CB)   (#const SSL_ERROR_WANT_CLIENT_HELLO_CB) -> "SSL_ERROR_WANT_CLIENT_HELLO_CB" #endif   (#const SSL_ERROR_SYSCALL) -> "SSL_ERROR_SYSCALL"